[Swan-dev] Mac OS Sonoma IKEv2 issue
Paul Wouters
paul at nohats.ca
Fri Mar 1 23:55:51 EET 2024
On Fri, 1 Mar 2024, Rolando Bermúdez Peña via Swan-dev wrote:
> I have libresawn version "ibreswan-3.25-4.8.amzn2.0.2.x86_64" for a vpn in a server.
> I am trying to connect using IKEv2 from Mac clients.
>
> From a Mac with Ventura it connects fine, from a Mac with Sonoma it does not connect.
> These are the logs for both connections.
>
> Just trying to figure out what I have wrong in the server configuration or the client.
>
> Sonoma 14.3 (NOT WORKING)
> #16: Authenticated using RSA
> #16: DigSig: no compatible DigSig hash algo
Looks like it might be trying RSA-v1.5 instead of RSA-PSS
you can try using: authby=rsa-sha2,rsa-sha1
See also the ipsec.conf man page for "authby=" that explains this in
more detail.
> Ventura 13.5.2 (WORKING)
> #17: Authenticated using RSA
If you use 5.0rc1 or git main, it should tell you in more details what
RSA parameters were used to authenticate.
Paul
More information about the Swan-dev
mailing list